Excerpts from Rickard Nilsson's message of Tue Oct 18 07:48:46 +0200 2011:
> As long as authorized_keys isn't world-writeable, there isn't anything
> particularly sensitive about it. If the file exists, the activation
> script should not mess with the owner or permissions. If it doesn't
> exist the owner should be set to the concerned user, and permissions
> to 644. One could also imagine the possibility to specify
> owner/permissions in configuration.nix, but if you go down that road
> it might make more sense to let Nix control authorized_keys
> completely, and make proper builds of it in the store.

Just want to say: I'm glad there is nix-store --check-contents. Running
that, I know that everything is still fine (and that I didn't get
hacked). That's why I'd prefer such a check for some user accounts as well.
If the system checks it, I don't have to... But generating such a script
doing the check is trivial - so it may be OT.

Marc Weber
_______________________________________________
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev
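
The two ideas in this thread, as an added example that is not code from either poster or from NixOS: create authorized_keys with mode 644 only when it is missing, and audit an existing file for world-writability, owner and content drift. The function names and the optional SHA-256 baseline argument are hypothetical, and `sha256sum` from GNU coreutils is assumed.

```shell
#!/bin/sh
# Added example; names are hypothetical, not from the thread or NixOS.

# Field N of `ls -ld FILE`: 1 = mode string, 3 = owner name.
ls_field() { ls -ld -- "$1" | awk -v n="$2" '{ print $n }'; }

# ensure_authorized_keys FILE OWNER
# An existing file is left untouched (owner and mode included).
# A missing file is created with mode 644 and handed to OWNER.
ensure_authorized_keys() {
    file=$1 owner=$2
    [ -e "$file" ] && return 0
    ( umask 022 && : > "$file" ) || return 1
    chmod 644 "$file" || return 1
    # chown only when needed; changing the owner requires root.
    [ "$(ls_field "$file" 3)" = "$owner" ] || chown "$owner" "$file"
}

# check_authorized_keys FILE OWNER [SHA256]
# Prints one line per finding; returns 0 when clean, 1 otherwise.
check_authorized_keys() {
    file=$1 owner=$2 want=${3:-}
    rc=0
    if [ ! -f "$file" ] || [ -L "$file" ]; then
        echo "$file: missing, a symlink, or not a regular file"
        return 1
    fi
    mode=$(ls_field "$file" 1)
    case $mode in
        # 9th character of the mode string is the "other" write bit.
        ????????w*) echo "$file: world-writable ($mode)"; rc=1 ;;
    esac
    actual=$(ls_field "$file" 3)
    if [ "$actual" != "$owner" ]; then
        echo "$file: owner is $actual, expected $owner"; rc=1
    fi
    if [ -n "$want" ]; then
        got=$(sha256sum < "$file"); got=${got%% *}
        if [ "$got" != "$want" ]; then
            echo "$file: content differs from recorded baseline"; rc=1
        fi
    fi
    return $rc
}
```

Recording the baseline hash somewhere the account itself cannot write is what makes the content check meaningful.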
